Magento 2.3.2 Commerce & Open Source Has Been Released!

Magento released Magento Commerce and Magento Open Source 2.3.2. Supporting their merchants’ need for secure, high performing sites is a top priority for Magento and this latest release includes several security enhancements as well as substantial performance improvements.

Highlights include:

Security: Multiple enhancements were identified by leveraging Adobe’s sophisticated security tools and the large reach of the Adobe Hacker One bug bounty program.

Performance: Significant performance enhancements include 20% improvement to storefront page-load times, product images loading concurrently with other page content, and up to 90% improvement in category browsing for merchants with large catalogs.

Productivity: Several actions are now performed as asynchronous background processes, allowing administrators to continue working while tasks are being processed in the background.

Quality: Over 130 product quality enhancements across many critical areas of the platform.

Additionally, Magento Commerce and Magento Open Source 2.2.9 and 2.1.18 were released. These versions will also include the security enhancements outlined above.

Magento is dedicated to providing as many security fixes and updates as quickly as possible to support all merchants, across all supported Magento versions and editions. As such, Magneto has also released updates, notes, and documentation for the following Magento versions as well:

Magento Commerce and Open Source 2.3.2, 2.2.9 and 2.1.18 contain 75 security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities. Below are the high severity Magento vulnerabilities addresed by the latest security update:

Issue Type: Remote Code Execution (RCE)

CVSSv3 Severity

Security Bug

Description

9.1

Arbitrary code execution through design layout update – CVE-2019-7895

An authenticated user with admin privileges can execute arbitrary code through a crafted XML layout update.

We encourage all our merchants to take the plunge and upgrade to 2.3.2 to take full advantage of all the new features and security advancement updates! Rave Digital will perform a fully secured upgrade, following best practices for backups, upgrades, and updates as outlined by Magento eCommerce!